Revision of the EU Data Protection Directive?
Posted October 2, 2010 by SKW Schwarz · Print This Post
On 1 July 2010, a hearing was held in Brussels regarding the necessity to revise the Data Protection Directive. The objective of the hearing was a discussion of the results of a consultation made by the Commission before by way of a questionnaire survey. The hearing concluded that a complete revision of the European Data Protection Directive can no longer be excluded. For example, massive aggravations were being discussed. Similar to the current drafts regarding employee data protection on a national level, it becomes more and more likely that the term “sensitive data” will be extended to cover also biometric/genetic data, family data and data regarding minors, as well as “data of a financial nature”. It was also discussed whether any form of data processing and use should be made subject to a prior consent by the data subject. “By way of mediation”, it was considered that implicit or implied declarations could also be sufficient.
In terms of the “right to forget”, deletion periods and procedures, as well as “profiling”, were discussed, with the latter term not being defined in detail. This could, however, cover decision support systems, which have varied areas of application. Finally, the necessity of regulations regarding data protection in “Cloud Computing” was discussed.
Practical tip: Data-processing enterprises ought to monitor the development at a European level closely in order to avoid “surprises”.
(Dr. Wulf Kamlah, Frankfurt a.M.)